Content providers are concerned about the security of products (i.e., video content and audio content) delivered by digital media (i.e., DVDs). Without protection, the digital media content can be copied almost flawlessly allowing high quality pirated DVDs, computer files and the like. Systems for encrypting the output signals of DVD players and set-top-boxes, such as High-bandwidth Digital Content Protection (HDCP), have been defined. However, inside the DVD players and the set-top-boxes, a chip that performs the video decoding (typically according to MPEG or similar encoding standards) will place decoded images that are not encrypted into an external memory chip. Dedicated adversaries can recover unencrypted picture sequences by analyzing the data that the decoder chips write into the connected external memory chips.
To decode the video data, areas of previously decoded images stored in the external memory are accessible on demand, the accesses being essentially at random. The random access behavior precludes using many conventional encryption methods that encrypt large blocks of data. Whenever even a small part of an encrypted block is accessed, the whole encrypted block is read from external memory and decrypted. The memory bandwidth consumed moving the encrypted blocks back and forth prevents the block encryption from being a viable approach. For example, Mike Frantzen and Brian Koehl of Purdue University disclose a large block (i.e., cache-block sized blocks of data) encryption approach in a paper “Encrypting off Processor Memory”, December 2000, http://www.w4g.org/ee565.html. However, the Frantzen and Koehl approach does not access small areas of image data accessed in random to form predictions.